Have you heard of the Electronic Frontier Foundation? If not, you should check them out: they fight patent trolls, they support copyright reform, and they’ve been vocal opponents of the NSA’s surveillance programs. They’re good people, and kind of piratey in their own way. At any rate, I was skimming over the EFF’s web site this morning, and three articles caught my attention.
(1) Awesome Privacy Tools in Android 4.3+. This posting, dated Dec 11th, talked about a cool new feature in Android: per-app permissions. Per-app permissions allows you to say things like App #1 gets access to my contact list, but Apps #2 and #3 don’t. This is a tremendously useful feature, and one that would give users a lot more control over how the information on their phones gets used. Unfortunately, it was too good to be true.
(2) Google Removes Vital Privacy Feature From Android, Claiming Its Release Was Accidental. That really cool privacy feature for Android? “Oops”, Google says, “our bad”. And Google pulled the feature after a few days, with a new Android release. Bad Google.
(3) NSA Turns Cookies (And More) Into Surveillance Beacons. This post outlines how the NSA uses Google ad cookies to track users on the internet. Lots of web sites make use of Google’s ad distribution network. When you visit one of these sites, your web browser makes a little call out to Google’s ad servers, and that call contains a “PREF” cookie (which identifies your ad profile). This cookie has a long lifetime, so that following a specific PREF cookie around the internet is equivalent to following a specific device around the internet. If the device is used by one person, then you’re following the person.
I’m not surprised by the NSA’s adoption of this tactic, but it’s an easy one to defeat: just tell your web browser to reject third-party cookies (e.g., you’ll accept cookies from the site you’re visiting, but not from the sites advertisers), and to delete cookies when the browser closes. Most browsers make this easy. Here’s how to do it in Firefox:
And here are the settings for “Clear History when Firefox closes”.
There are more web surveillance companies out there than you can shake a stick at, and all of them are interested in watching what you do on the web. These companies typically call themselves by friendlier names, like “Ad Distribution Networks”, and “Web Analytics”, but it really boils down to corporate surveillance. As we’ve seen during the past few months, a lot of corporate surveillance can easily turn into to government surveillance. So do yourself a favor: go out there and reject some cookies, and help thwart digital surveillance!